To update: 12/8/2021: Turns out there is a new PrintNightmare vulnerability, so this situation is not over yet.
The PrintNightmare vulnerability has been a serious hurdle for Microsoft to deal with, but the company can finally have the situation under control thanks to a new Windows update that has just Announced in the Microsoft Security Response Center.
How did Microsoft fix the PrintNightmare problem?
Microsoft says it managed to change the default behavior of Point and Print to make it more secure. Now, Point and Print driver installation and update behavior will require administrator privileges, which should prevent the exploitation of the Windows Print Spooler that could be used by malicious people to gain administrative privileges in Windows.
An individual was able to use a custom print server to gain access through this exploit. Despite this, with this update, Microsoft says it can “Microsoft says it can”.
Unfortunately, there is a drawback, since non-elevated users may have difficulty adding or updating printers. Despite this, Microsoft feels the security risks caused by PrintNightmare are worth it.
If you really want to allow non-elevated users to add printers, you can follow the instructions in this Microsoft support article to disable this mitigation with a registry key. Despite this, doing so will expose you to this known vulnerability and is not recommended.
How to get the update
If you have automatic Windows updates enabled, I shouldn't have to do anything.
For those who do not have the function activated, they will have to update Windows manually. To do it, click on “Update and security” and then click “Search for updates”. Then, look for version KB5005033 to apply the patch and make sure your computer is protected from this critical vulnerability. Your computer should automatically restart throughout the procedure, and you're ready to go.
